查看当前用户所有权限 select from user_sys_privs ; select t from user_sys_privs
查看当前用户的角色 select from user_role_privs
查看当前用户信息 select from user_users
可以查看当前用户 whoami
查看你的当前用户名 whoami
查看当前所有用户情况 wrkusrjob
查看当前所有在线用户 who
查看当前登录了的用户 who
例如,刚才的代码片段在当前用户未被授权查看索引大于4的页面时,取消了转换到新页面的操作。
For example, the code snippet just shown cancels the transition to the new page if the current user is not authorized to view pages with an index greater than 4.
找到ACL后,检查当前用户的身份和组,并查看它们是否在ACL中列出以及列表是否具有“进入”权限。
Once you find an ACL, examine the current user's identity and groups, and see if they are listed in the ACL, and if their listing has the ENTRY permission.
在暗地里,我已经建立了一些安全捕捉:ServletFilter将查看给定的参数名称当前是否与当前用户会话中的名称相匹配。
Under the hood, I've set up a little security catch: a ServletFilter that will check to see if the given parameter name matches the name currently in session for the current user.
应用推荐